OneAuth 3.0: Updating your app to the new encryption process
What happens while updating
To upgrade your OneAuth app and move to the new encryption process, we will ask you to enter your passphrase. Using your passphrase, we will decrypt the OTP secret keys in Cloud (which were encrypted with AES-ECB mode) to plaintext secret keys. Then, we will encrypt these plaintext secret keys with AES-GCM mode and then store them in Cloud. This way, we will have moved from the old encryption process to the new process (i.e, AES-GCM).
If you don't remember your passphrase, there is no way to decrypt the secret keys present on Cloud, which means they cannot be recovered. However, if you have all your secret keys present locally on your device (i.e., in the Authenticator tab of your OneAuth app), then you can simply reset your passphrase. The secret keys on your device will be encrypted with AES-GCM mode and stored in Cloud.
The problem arises when you don't have all your secret keys locally on any of your devices. When you reset passphrase, the secret keys that you don't have on your device will be lost. You will have to reset TFA for those accounts and add them again in OneAuth.
Steps to update
- Get the lateset version of the app from Appstore/Playstore. For Windows, you can get the app from Microsoft Store.
- Open OneAuth and go to the Authenticator tab.
- In the What's New screen, tap Get Started.
- To complete the upgrade, you will need to enter your passphrase. Tap Continue, enter your passphrase, then tap Done.
Forgot your passphrase?
If you forgot your passphrase, we will inform what you can do, based on whether you have all the secret keys available on your device or not.
Case 1: You have the same number of accounts on device as in Cloud
In this case, you can tap View accounts to see the accounts you have on your device and the ones available on Cloud. If all the required accounts are present on your device, you can safely reset your passphrase.
Case 2: Some accounts present on Cloud is missing on your device
You can tap Accounts at risk to see which accounts are missing on device. These accounts cannot be recovered if you reset your passphrase.
However, if you're using OneAuth on multiple devices and the missing accounts are present on any of those devices, you can recover them. Follow the steps below:
- On your current device, Click Continue and reset your passphrase. The update will be completed and the accounts on your device will be stored on Cloud.
- Now, on the device where you have the missing accounts, update the OneAuth app.
- Go to the Authenticator tab.
- Tap Get Started, then tap Continue.
- Enter your new passphrase (which you've reset), then tap Done. The additional accounts present on this device will get backed up to Cloud.
Access your files securely from anywhere
Zoho CRM Training Programs
Learn how to use the best tools for sales force automation and better customer engagement from Zoho's implementation specialists.
Zoho DataPrep Personalized Demo
If you'd like a personalized walk-through of our data preparation tool, please request a demo and we'll be happy to show you how to get the best out of Zoho DataPrep.
- Zoho Workerly Home
- Forums
- Connect With Us:
- Zoho Recruit Home
- Forums
- Connect With Us:
New to Zoho Writer?
Create. Review. Publish.
New to Zoho CRM Plus?
Deliver unforgettable customer experiences
New to Zoho CRM Plus?
Deliver unforgettable customer experiences
New to Zoho Marketing Plus?
Everything you need to run your marketing
New to Zoho Marketing Plus?
Everything you need to run your marketing
You are currently viewing the help pages of Qntrl’s earlier version. Click here to view our latest version—Qntrl 3.0's help articles.
New to Zoho Survey?
Zoho Sheet Resources
Zoho Forms Resources
New to Zoho Sign?
Zoho Sign Resources
Sign, Paperless!
New to Zoho TeamInbox?
Zoho TeamInbox Resources
New to Zoho ZeptoMail?
Design. Discuss. Deliver.
New to Zoho Workerly?
New to Zoho Recruit?
New to Zoho CRM?
New to Zoho Projects?
New to Zoho Sprints?
New to Zoho Assist?
New to Bigin?
Related Articles
OneAuth 3.0: Enhanced encryption & sync logic of OTP secret keys
The need for encrypting OTP secret keys In OneAuth, you can back up your OTP secret keys with Zoho Cloud to have them synced across all your devices and to restore them whenever needed. More about backup and sync Info: "Secret key" refers to the ...Security key
What is a security key? Security key is a hardware device that can be used to enable multi-factor authentication (MFA). They don't require a battery to function and need no software installation to authenticate your accounts. How security keys work? ...OneAuth
Zoho's OneAuth is a multi-factor authentication (MFA) app designed to secure your Zoho accounts as well as other third-party accounts. The key features of OneAuth include the following: Passwordless sign-in allows you to sign in to your account ...Set Up Vault in OneAuth
Zoho Vault has been integrated into the OneAuth app, bringing your authentication and password management into a single, secure space. OneAuth uses the same end-to-end encryption trusted by millions of Zoho users. If you're an existing Zoho Vault ...Smart Sign-in using OneAuth
Smart Sign-in is a secure and seamless way to sign in to your Zoho account by scanning a QR code using Zoho's Authenticator app, OneAuth. You need not type in your username or password manually. Prerequisites You need OneAuth installed on your mobile ...
New to Zoho LandingPage?
Zoho LandingPage Resources